Scope of Security Testing

Web applications and products

Mobile Applications and products

With ever increasing need for business to open its doors to business, web application is perhaps the first face that an organisation has. This first face is also perhaps the first place to get attracted and attacked in our internet world. With ease of availability of tools and resources, and absence of secure development processes, the need for protecting you web applications is even higher than ever before. The process applies to both traditional web applications as well as mobile application security.

Best Practice Frameworks

OWASP Top 10 (2013)

A1 Injection

A2 Broken Authentication and Session Management

A3 Cross-Site Scripting (XSS)

A4 Insecure Direct Object References

A5 Security Misconfiguration

A6 Sensitive Data Exposure

A7 Missing Function Level Access Control

A8 Cross-Site Request Forgery (CSRF)

A9 Using Components with Known Vulnerabilities

A10 Unvalidated Redirects and Forwards

How Coral can help?

We use a risk assessment approach that involves understanding the application/product using a structured methodology: The process involves the followings(not exhaustive):